Healthcare Accounted for 26 Percent of Cybersecurity Incidents in Q2 2017 | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

Healthcare Accounted for 26 Percent of Cybersecurity Incidents in Q2 2017

September 28, 2017
by Heather Landi
| Reprints

McAfee, Inc., a computer security software company, recently released its McAfee Labs Threats Report assessing reported attacks across industries, and reveals growth trends in malware, ransomware, mobile malware, and other threats in the second quarter of 2017.

The security firm reported that the health care sector and social media sites were popular cyberattack targets in the second quarter of 2017, and the health, education and public sectors accounting for more than half of total cybersecurity incidents globally in 2016 and 2017. McAfee Labs saw healthcare surpass the public sector to report the greatest number of security incidents in the second quarter of this year.

McAfee Labs’ quarterly analysis of publicly disclosed security incidents found the public sector to be the most impacted North American sector over the last six quarters, but healthcare overtook it in Q2 with 26 percent of incidents. “While overall healthcare data breaches are most likely the result of accidental disclosures and human error, cyberattacks on the sector continue to increase. The trend began the first quarter of 2016 when numerous hospitals around the world sustained ransomware attacks. The attacks paralyzed several departments and, in some cases, the hospitals had to transfer patients and postpone surgeries,” the report authors wrote.

“Whether physical or digital, data breaches in healthcare highlight the value of the sensitive personal information organizations in the sector possess,” Vincent Weafer, vice president for McAfee Labs, said in a statement. “They also reinforce the need for stronger corporate security policies that work to ensure the safe handling of that information.”

In the second quarter of 2017, the McAfee Labs Global Threat Intelligence network registered notable trends in cyber threat growth and cyberattack incidents across industries. McAfee Labs counted 311 publicly disclosed security incidents in Q2, an increase of 3 percent over Q1. Seventy-eight percent of all publicly disclosed security incidents in Q2 took place in the Americas.

The health, public, and education sectors comprised more than half of total incidents in 2016-2017 worldwide. And, in North America, the health sector attacks led vertical sectors in Q2 security incidents in the Americas.

New ransomware samples again increased sharply in Q2, by 54 percent. The number of total ransomware samples grew 47 percent in the past four quarters to 10.7 million samples, McAfee reports.

McAfee’s analysis of the WannaCry and NotPetya attacks builds on the organization’s previous research by providing more insight into how the attacker creatively combined a set of relatively simple tactics, melding a vulnerability exploit, proven ransomware, and familiar worm propagation, according to the report. McAfee notes that both attack campaigns lacked the payment and decryption capabilities to successfully extort victims’ ransoms and unlock their systems.

“It has been claimed that these ransomware campaigns were unsuccessful due to the amount of money made,” Raj Samani, chief scientist for McAfee, said in a statement. “However, it is just as likely that the motivation of WannaCry and NotPetya was not to make money but something else. If the motive was disruption then both campaigns were incredibly effective. We now live in a world in which the motive behind ransomware includes more than simply making money, welcome to the world of pseudo-ransomware.”

Get the latest information on Health IT and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More



Cedars-Sinai Collaborates on Organs-on-Chip Precision Medicine Project

Scientists at Los Angeles-based Cedars-Sinai, in partnership with biotechnology startup Emulate, are pioneering a Patient-on-a-Chip program to help predict which disease treatments would be most effective based on a patient's genetic makeup and disease variant.

Blockchain Company Hashed Health Gets New Partner

ODH, Inc., a New Jersey-based health technology company, has joined with blockchain innovation consortium Hashed Health.

NCQA Approved by Government as ONC-Authorized Testing Lab

The National Committee for Quality Assurance (NCQA) has announced that its eMeasure testing laboratory is now approved by the Office of the National Coordinator for Health Information Technology (ONC).

Survey: Infrastructure, Interoperability Key Barriers to Global HIT Development

A new survey report from Black Book Research on global healthcare IT adoption and records systems connectivity finds nations in various phases of regional electronic health record (EHR) adoption. The survey results also reveal rapidly advancing opportunities for U.S.-based and local technology vendors.

Penn Medicine Opens Up Telehealth Hub

Philadelphia-based Penn Medicine has opened its Center for Connected Care to centralize the health system’s telemedicine activities.

Roche to Pay $1.9B for Flatiron Health

Switzerland-based pharmaceutical company Roche has agreed to pay $1.9 billion to buy New York-based Flatiron Health Inc., which has both an oncology EHR and data analytics platform.